Heartbleed Bug threatens web users privacy

A dangerous virus called the Heartbleed Bug poses a threat to web security

GRAND JUNCTION, Colo. A new web security threat called the Heartbleed Bug has been discovered this week and it is being considered the biggest exploit in the last 12 years.

Researchers discovered a broken code in the program that encrypts your personal information on websites and say it may have been like this for up to two years. The flaw leaves web users’ private information vulnerable to potential hackers.

"The damage could range from something small, like someone may be able to read your email, but then it may go to the opposite end and you could get total identity theft," CMU Professor Adam Cochran said.

The Heartbleed Bug is affecting everything from online banking and shopping to passwords and conversations. Popular websites that consumers access everyday like Amazon, Google and Yahoo rely on the flawed security program.

Hackers are also able to pose as you or as other websites, scamming users into giving them more personal information. The flaw could also give strangers access to computers or devices used to connect to the internet like phones or iPads making it possible for them to peek into phone calls, voicemails and emails.

Experts say the Heartbleed Bug leaves no trace so users won't ever know if they have even been hacked.

"I think that it’s important that people understand that there are experts around and when you are in doubt don’t just trust your emotions or gut or all of the panic," Cochran said.

Websites and other companies are working on getting their websites patched up, but some servers could take years to get rid of the problem.

Online Public Information File

Viewers with disabilities can get assistance accessing this station's FCC Public Inspection File by contacting the station with the information listed below. Questions or concerns relating to the accessibility of the FCC's online public file system should be directed to the FCC at 888-225-5322, 888-835-5322 (TTY), or fccinfo@fcc.gov.